5707 matches found
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...
PT-2007-3108 · Apache +1 · Apache Http Server +1
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server httpd version 2.2.3 Description: The issue in suexec allows local users to potentially create arbitrary UID/GID owned files if /proc is mounted, by leveraging other vulnerabilities. This is dependent on an insecure server...
Critical: Red Hat Security Advisory: mod_jk security update
Updated mod_jk packages that fix a security issue are now available for Red Hat Application Server v2. This update has been rated as having critical security impact by the Red Hat Security Response Team. mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP...
CVE-2007-1842
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019...
Directory traversal
Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conflangdefault parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by...
CVE-2007-1801
Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conflangdefault parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by...
Directory traversal
Directory traversal vulnerability in bbcoderef.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log...
Directory traversal
Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settingsskin parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via...
CVE-2007-1524
Directory traversal vulnerability in themes/default/ in ZomPlog 3.7.6 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) in the settingsskin parameter, as demonstrated by injecting PHP code into an Apache HTTP Server log file, which can then be included via...
SA-20070314-0.txt
SEC Consult Security Advisory ======================================================================= title: Apache HTTP Server / Tomcat directory traversal program: Apache HTTP Server / Apache Tomcat vulnerable version: Apache Tomcat 5.x: 5.5.22 Apache Tomcat 6.x: 6.0.10 CVE: CVE-2007-0450 impac...
CVE-2007-0450
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...
Directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...
CVE-2007-0450
CVE-2007-0450 is a directory traversal vulnerability affecting Apache Tomcat (and Tomcat behind certain Apache proxies) where a crafted URI containing a dot-dot sequence and mixed separators (/, \, and %5C) can cause unauthorized disclosure of arbitrary files. Affected products/versions include To...
CVE-2007-0450
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...
Apache JK Tomcat Connector: Remote execution of arbitrary code
Background The Apache HTTP server is a very widely used web server. mod_jk provides the JK module for connecting Tomcat and Apache using the ajp13 protocol. Description ZDI reported an unsafe memory copy in mod_jk that was discovered by an anonymous researcher in the map_uri_to_worker function of...
SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal
SEC Consult Security Advisory 20070314-0 ======================================================================= title: Apache HTTP Server / Tomcat directory traversal program: Apache HTTP Server / Apache Tomcat vulnerable version: Apache Tomcat 5.x: 5.5.22 Apache Tomcat 6.x: 6.0.10 CVE:...
CVE-2006-7098
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl...
CVE-2006-7098
The CVE-2006-7098 entry concerns the Debian patch for Apache HTTP Server 1.3.34-4 (033_-F_NO_SETSID) that fails to fully disassociate httpd from a controlling tty when started interactively. This allows a local attacker to elevate privileges to the tty via a CGI program invoking the TIOCSTI ioctl...
Critical: Red Hat Security Advisory: mod_jk security update
Updated mod_jk packages that fix a security issue are now available for Red Hat Application Stack v1.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTT...
PT-2007-1918 · Apache +2 · Apache Tomcat +3
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server and Tomcat versions prior to 5.5.22 and 6.0.10 Tomcat versions prior to 5.5.22 and 6.0.10 Description: The issue allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) ...